Fetch Office 365 URL categories

Before you begin, you will need to have BIG-IP devices with the SSLO service discovered and imported. You will also need to ensure that all devices you wish to add to the Office 365 fetch schedule are running the same SSLO RPM version. If you need to upgrade the SSLO version on a device or discover and import SSLO, please follow the procedures in Managing SSL Orchestrator Using BIG-IQ.

Office 365 URLs are a set of URLs that Microsoft has defined for Office365 resources. From BIG-IQ, you can create a schedule to fetch Office 365 URLs and configure URL categories, which you then attach to an SSLO security policy and deploy in an SSLO topology configuration. The categories that will be created from this fetch are Allow, Default, Optimize and All (All includes URLs from all categories). If you add the Allow category of O365 URLs to a security policy, the traffic will not be inspected. If you add the Default category to a policy, the package will be inspected. If you select the Optimize category to add to a security policy, you are choosing to optimize traffic speed for critical Microsoft endpoints such as Outlook and Sharepoint. If you fetch All categories, you can add all of the above Microsoft endpoints to a security policy.

This list is dynamic and is frequently updated by Microsoft. You can also use this page to view the result of the last run and to view the past and upcoming run schedule.

1. Scheduler Properties

2. Navigate to Configuration > SSL Orchestrator > O365 URLs.

3. For Frequency, specify how often you would like to fetch O365 URL categories. From the dropdown menu, select a cadence of Monthly or Weekly and enter a number between 1 and 28 for the day of the month you want to run the report. Finally, specify the time in a 24-hour format. Enter in the format HR: MIN.

4. For Start Date/Time, enter a date or use the calendar widget to pick a date in the future to begin running the report. Specify a time in a 24-hour format.

5. To authorize BIG-IQ to immediately fetch O365 URL categories, select the checkbox by Fetch Now.

6. O365 URL Category Configuration

7. Specify an Endpoint from the dropdown menu from which to fetch the URL categories.

8. For Use required URLs only, select Yes to fetch the minimum required URLs for O365 connectivity. Select No to fetch all URLs, including the minimum required ones.

9. For Include URLs, enter any URLs that are not categorized as O365 URLs that you would like to fetch. Add additional URLs with the + icon.

10. To exclude URLs or domain extensions from this fetch, enter the URL or extension in the Exclude URLs.

    For example, if you want to exclude google.com from your fetch and all addresses ending in .net, enter google.com in the field, select the + icon to add an additional line. On the next line, enter .net.

11. To choose managed BIG-IP devices or device clusters on which to deploy the URL categories, use the arrows to move the BIG-IP devices or clusters from the Available to the Selected menu.

    Note: All selected BIG-IP devices must be running the same SSLO RPM version.

12. Service Area

13. If you would like to fetch URLs for a specific category such as Microsoft Exchange, select Yes. To exclude a category from the scheduled fetch, select No next to that category.

    Note: BIG-IQ will always fetch the common O365 URLs.

14. Run Information

15. Under the Run Information section, you can view the the result of the last run, as well as the devices and clusters that the URL categories were deployed to. You can also view the last run time, and the next scheduled run time.

16. Select Save to save this schedule.

After you have finished configuration, you can add the Office 365 URL categories to a security policy rule when the network traffic matches all categories. You can then deploy the security policy on target BIG-IP devices.